If you own a WordPress site, make sure you are staying on top of updates—not just for the core platform, but for all the themes and plugins, too. MailPoet, TimThumb, All in One SEO Pack, Login Rebuilder, and JW Player have all been updated within the past month. Check your administrator dashboard and make sure you have the latest versions installed. Read More »

Thousands of WordPress and Joomla sites are currently under attack by a large botnet brute-forcing passwords. Administrators need to make sure they have strong passwords and unique usernames for their WordPress and Joomla installations. Read More »

On Wednesday, the attackers "illegally posted on a Reuters journalist's blog" a false article reporting the death of Saudi Arabia's foreign minister Saud al-Faisal, Reuters said. While Reuters removed the article immediately, the entire blogs.reuters.com platform was offline for most of the day yesterday. As of Thursday morning, the site has a temporary placeholder page, citing "technical issues." Was unpatched WordPress blogs to blame for the attack? Read More »

Cyber-criminals often don't bother to register new domains and setting up their malicious sites from scratch. It's far easier to hack into existing Websites and drop a malicious page in a subdirectory. A recent post on the Unmask Parasites blog described how cyber-criminals hijack legitimate domains for malicious purposes. Read More »